File 348: EUROPEAN PATENTS 1978-2004 /Oct W03 

(c) 2004 European Patent Office 
File 349:PCT FULLTEXT 197 9-2002 /UB=2004 1028, UT=2004 1021 

(c) 2004 WIPO/Univentio 

Set Items Description 

51 1214518 TIME? ? OR TIMING OR TIMEFRAME? ? OR TIMESPAN? ? OR INTERV- 

AL? ? OR PERIOD? ? OR DURATION? ? 

52 324345 SI ( 7N) (SHORTEN??? OR DECREAS??? OR LOWER??? OR DROP???? OR 

CONDENS??? OR REDUC???? OR SHRINK??? OR CUT???? OR LESSEN???? 
OR DOWNGRAD??? OR MINIMIZ? OR MINIMIS? OR TRIM???? OR CLOS???) 

53 226012 S1(7N) (CHANG??? OR ALTER??? OR ALTERATION? ? OR ADJUST??? - 

OR ADJUSTMENT? ? OR MODIF???? OR MODIFICATION? ? OR VARY???) 

54 100488 ALERT? ? OR NOTICE? ? OR NOTIFICATION? ? OR WARNING? ? OR - 

ANNOUNCEMENT? ?. 

55 24036 S4 (5N) (RECEIV??? OR RECEPTION??? OR OBTAIN??? OR ACQUIR??? 

OR ACQUISITION? ? OR ACCEPT? OR TRANSMIT? OR TRANSMISSION? ? - 
OR COMMUNICAT? OR TRANSFER? OR BROADCAST? OR DISTRIBUT? OR CO- 
NVEY? OR SEND??? OR STREAM??? OR DELIVER? OR RETRIEV?) 

56 15735 S4 (5N) (GENERAT??? OR CREAT???? OR PRODUC????? OR ISSUE? ? - 

OR ISSUING) 

57 15872 (MESSAGE? ? OR PACKET? ? OR FRAME? ? OR S4) (7N) (RATE OR RA- 

TES OR NUMBER? ? OR VOLUME OR AMOUNT? ? OR QUANTITY) (7N) (DECR- 
EAS??? OR LOWER??? OR DROP???? OR REDUC???? OR SHRINK??? OR C- 
UT???? OR LESSEN???? OR MINIMIZ? OR MINIMIS? OR TRIM????) 

58 1238 9 (MESSAGE? ? OR PACKET? ? OR FRAME? ? OR S4) (7N) (RATE OR RA- 

TES OR NUMBER? ? OR VOLUME OR AMOUNT? ? OR QUANTITY) (7N) (CHAN- 
G??? OR ALTER??? OR ALTERATION? ? OR ADJUST??? OR ADJUSTMENT? 
? OR MODIF???? OR MODIFICATION? ? OR VARY???) 



S9 


92 


S4 (5N) TRANSFERRING 


S10 


227 


S2:S3(50N) (S5:S6 OR S9) (50N)S7:S8 


Sll 


241944 


NETWORK? ? OR LAN OR LANS OR WAN OR WANS OR INTRANET? ? OR 




EXTRANET? ? OR DISTRIBUTED ( ) (MEDIUM OR COMMUNICATION? ?) 


S12 


76 


S2 : S3 (SON) ( S5 : S6 OR S9) ( SON) S7 : S8 ( 50N) Sll 


S13 


49 


S12 AND AC=US/PR 


S14 


42 


S13 AND AY= (1970:2001) /PR 


S15 


47 


S12 AND PY=1970:2001 


S16 


56 


S14:S15 



File 347:JAPIO Nov 1976-2004 /Jun (Updated 041004) 

(c) 2004 JPO & JAPIO 
File 350:Derwent WPIX 1963-2004 /UD, UM &UP=200467 

(c) 2004 Thomson Derwent 

Set Items Description 

51 3591256 TIME? ? OR TIMING OR TIMEFRAME? ? OR TIMESPAN? ? OR INTERV- 

AL? ? OR PERIOD? ? OR DURATION? ? 

52 605642 SI ( 7N) (SHORTEN??? OR DECREAS??? OR LOWER??? OR DROP???? OR 

CONDENS??? OR REDUC???? OR SHRINK??? OR CUT???? OR LESSEN???? 
OR DOWNGRAD??? OR MINIMIZ? OR MINIMIS? OR TRIM???? OR CLOS???) 

53 210451 S1(7N) (CHANG??? OR ALTER??? OR ALTERATION? ? OR ADJUST??? - 

OR ADJUSTMENT? ? OR MODIF???? OR MODIFICATION? ? OR VARY???) 

54 112902 ALERT? ? OR NOTICE? ? OR NOTIFICATION? ? OR WARNING? ? OR - 

ANNOUNCEMENT? ? 

55 23897 S4 (5N) (RECEIV??? OR RECEPTION??? OR OBTAIN??? OR ACQUIR??? 

OR ACQUISITION? ? OR ACCEPT? OR TRANSMIT? OR TRANSMISSION? ? - 
OR COMMUNICAT? OR TRANSFER? OR BROADCAST? OR DISTRIBUT? OR CO- 
NVEY? OR SEND??? OR STREAM??? OR DELIVER? OR RETRIEV?) 

56 11227 S4 (5N) (GENERAT??? OR CREAT???? OR PRODUC?????) 

57 377204 NETWORK? ? OR LAN OR LANS OR WAN OR WANS OR INTRANET? ? OR 

EXTRANET? ? OR DISTRIBUTED ( ) (MEDIUM OR COMMUNICATION? ?) 

58 297 S2:S3 AND S5:S6 AND S7 

59 21 S8 AND (INTRUSION??? OR IDS OR ATTACK??? OR DENIAL ( 1W) SERV- 

ICE OR WORM? ? OR VIRUS OR VIRAL OR MALICIOUS OR SECUR???) 

510 10505 (MESSAGE? ? OR PACKET? ? OR FRAME? ? OR S4) (7N) (RATE OR RA- 

TES OR NUMBER? ? OR VOLUME OR AMOUNT? ? OR QUANTITY) (7N) (DECR- 
EAS??? OR LOWER??? OR -DROP???? OR REDUC???? OR SHRINK??? OR C- 
UT???? OR LESSEN???? OR MINIMIZ? OR MINIMIS? OR TRIM????) 

511 5091 (MESSAGE? ? OR PACKET? ? OR FRAME? ? OR S4) (7N) (RATE OR RA- 

TES OR NUMBER? ? . OR VOLUME OR AMOUNT? ? OR QUANTITY) (7N) (CHAN- 
G??? OR ALTER??? OR ALTERATION? ? OR ADJUST??? OR ADJUSTMENT? 
? OR MODIF???? OR MODIFICATION? ? OR VARY???) 

512 99 S2:S3 AND S5:S6 AND S10:S11 

513 9 S12 AND S7 

514 4 S12 AND (INTRUSION??? OR IDS OR ATTACK??? OR DENIAL ( 1W) SER- 

VICE OR WORM? ? OR VIRUS?? OR VIRAL OR MALICIOUS OR SECUR???) 

515 686 S10:S11 AND (INTRUSION??? OR IDS OR ATTACK??? OR DENIAL ( 1W- 

) SERVICE OR WORM? ? OR VIRUS?? OR VIRAL OR MALICIOUS OR SECUR- 
? ? ? ) 

516 11 S15 AND S4 AND S7 

517 20 S13:S14 OR S16 



File 8:Ei Compendex (R) 1970-2004 /Oct W3 

(c) 2004 Elsevier Eng. Info. Inc. 
File 35: Dissertation Abs Online 18 61-2004 /Sep 

(c) 2004 ProQuest Inf o&Learning 
File 202:Info. Sci . & Tech. Abs. 1966-2004 /Sep 09 

(c) 2004 EBSCO Publishing 
File 65: Inside Conferences 1993-2004 /Oct W4 

(c) 2004 BLDSC all rts. reserv. 
File 2:INSPEC 1969-2004 /Oct W3 

(c) 2004 Institution of Electrical Engineers 
File 233:Internet & Personal Comp. Abs. 1981-2003/Sep 

(c) 2003 EBSCO Pub. 
File 94 : JICST-EPlus 1 985-2004 /Sep W4 

(c)2004 Japan Science and Tech Corp(JST) 
File 483:Newspaper Abs Daily 1986-2004/Oct 26 

(c) 2004 ProQuest Inf o&Learning 
File 6:NTIS 1964-2004/Oct W2 

(c) 2004 NTIS, Intl Cpyrght All Rights Res 
File 144: Pascal 1973-2004/Oct W3 

(c) 2004. INIST/CNRS 
File 434 : SciSearch (R) Cited Ref Sci 1 97 4-198 9/Dec 

(c) 1998 Inst for Sci Info 
File 34: SciSearch (R) Cited Ref Sci 1 990-2004 /Oct W4 

(c) 2004 Inst for Sci Info 
File 99:Wilson Appl . Sci & Tech Abs 1983-2004 /Sep 

(c) 2004 The HW Wilson Co. 
File 583:Gale Group Globalbase (TM) 1986-2002/Dec 13 

(c) 2002 The Gale Group 
File 266:FEDRIP 2004/Aug 

Comp & dist by NTIS, Intl Copyright All Rights Res 
File 95:TEME-Technology & Management 1989-2004 /Jun Wl 

(c) 2004 FIZ TECHNIK 
File 438:Library Lit. & Info. Science 198 4 -2004 /Sep 

(c) 2004 The HW Wilson Co 
File 256:TecInfoSource 82-2004/Jul 

(c)2004 Info. Sources Inc 

Set Items Description 

51 9482367 TIME? ? OR TIMING OR TIMEFRAME? ? OR TIMESPAN? ? OR INTERV 

AL? ? OR PERIOD? ? OR DURATION? ? 

52 734001 S1(7N) (SHORTEN??? OR DECREAS??? OR LOWER??? OR DROP???? OR 

CONDENS??? OR REDUC???? OR SHRINK??? OR CUT???? OR LESSEN???? 
OR DOWNGRAD??? OR MINIMIZ? OR MINIMIS? OR TRIM???? OR CLOS??? 

53 488330 S1(7N) (CHANG??? OR ALTER??? OR ALTERATION? ? OR ADJUST??? 

OR ADJUSTMENT? ? OR MODIF???? OR MODIFICATION? ? OR VARY???) 

54 339595 ALERT? ? OR NOTICE? ? OR NOTIFICATION? ? OR WARNING? ? OR 

ANNOUNCEMENT? ? 

55 15665 S4(5N) (RECEIV??? OR RECEPTION??? OR OBTAIN??? OR ACQUIR??? 

OR ACQUISITION? ? OR ACCEPT? OR TRANSMIT? OR TRANSMISSION? ? 
OR COMMUNICAT? OR TRANSFER? OR BROADCAST? OR DISTRIBUT? OR CO 
NVEY? OR SEND??? OR STREAM??? OR DELIVER? OR RETRIEV?) 

56 30119 S4(5N) (GENERAT??? OR CREAT???? OR PRODUC????? OR ISSUE? ? 

OR ISSUING) 

57 10115 (MESSAGE? ? OR PACKET? ? OR FRAME? ? OR S4) (7N) (RATE OR RA 

TES OR NUMBER? ? OR VOLUME OR AMOUNT? ? OR QUANTITY) (7N) (DECR 
EAS??? OR LOWER??? OR DROP???? OR REDUC???? OR SHRINK??? OR C 
UT???? OR LESSEN???? OR MINIMIZ? OR MINIMIS? OR TRIM????) 

58 3886 (MESSAGE? ? OR PACKET? ? OR FRAME? ? OR S4) (7N) (RATE OR RA 

TES OR NUMBER? ? OR VOLUME OR AMOUNT? ? OR QUANTITY) (7N) (CHAN 
G??? OR ALTER??? OR ALTERATION? ? OR ADJUST??? OR ADJUSTMENT? 
? OR MODIF???? OR MODIFICATION? ? OR VARY???) 



S9 


25 


S2:S3 AND S5:S6 AND S7:S8 


S10 


. 19 


RD (unique items) 


Sll 


2333568 


NETWORK? ? OR LAN OR LANS OR WAN OR WANS OR INTRANET? ? OR 




EXTRANET? ? OR DISTRIBUTED () (MEDIUM OR COMMUNICATION? ?) 


S12 


176 


S4 AND S7:S8 AND Sll 


S13 


16 


S12 AND (INTRUSION??? OR IDS OR ATTACK??? OR DENIAL ( 1W) SER 



VICE OR WORM? ? OR VIRUS?? OR VIRAL OR MALICIOUS OR SECUR???) 



514 14 RD (unique items) 

515 113 S2:S3 AND S5:S6 AND Sll 

516 81 RD (unique items) 

Sll 55 S16 NOT (S10 OR S14 OR PY=2002 : 2004 ) 



File 275:Gale Group Computer DB(TM) 1983-2004/Oct 29 

(c) 2004 The Gale Group 
File 621:Gale Group New Prod. Annou . (R) 1 985-2004 /Oct 29 

(c) 2004 The Gale Group 
File 636:Gale Group Newsletter DB(TM) 1987-2004 /Oct 29 

(c) 2004 The Gale Group 
File 16:Gale Group PROMT (R) 1990-2004/Oct 29 

(c) 2004 The Gale Group 
File 160:Gale Group PROMT (R) 1972-1989 

(c) 1999 The Gale Group 
File 148:Gale Group Trade & Industry DB 1976-2004/Oct 15 

(c)2004 The Gale Group 
File 624 :McGraw-Hill Publications 1985-2004/Oct 28 

(c) 2004 McGraw-Hill Co. Inc 
File 15:ABI/Inform(R) 1971-2004 /Oct 29 

(c) 2004 ProQuest Inf o&Learning 
File 647:CMP Computer Fulltext 1988-2004 /Oct W3 

(c) 2004 CMP Media, LLC 
File 674:Computer News Fulltext 198 9-2004 /Sep Wl 

(c) 2004 IDG Communications 
File 696: DIALOG Telecom. Newsletters 1995-2004 /Oct 28 

(c) 2004 The Dialog Corp. 
File 369:New Scientist 1994-2004/Oct W3 

(c) 2004 Reed Business Information Ltd. 
File 810:Business Wire 198 6-1999/Feb 28 

(c) 1999 Business Wire 
File 813:PR Newswire 1987-1999/Apr 30 

(c) 1999 PR Newswire Association Inc 
File 610:Business Wire 1999-2004/Oct 27 

(c) 2004 Business Wire. 
File 613:PR Newswire 1999-2004/Oct 28 

(c) 2004 PR Newswire Association Inc 

Set Items Description 

51 145124 97 TIME? ? OR TIMING OR TIMEFRAME? ? OR TIMES PAN? ? OR INTERV 

AL? ? OR PERIOD? ? OR DURATION? ? 

52 1481983 S1(7N) (SHORTEN??? OR DECREAS??? OR LOWER??? OR DROP???? OR 

CONDENS??? OR REDUC???? OR SHRINK??? OR CUT???? OR LESSEN???? 
OR DOWNGRAD??? OR MINIMIZ? OR MINIMIS? OR TRIM???? OR CLOS??? 

53 718539 S1(7N) (CHANG??? OR ALTER??? OR ALTERATION? ? OR ADJUST??? 

OR ADJUSTMENT? ? OR MODIF???? OR MODIFICATION? ? OR VARY???) 

54 3525403 ALERT? ? OR NOTICE? ? OR NOTIFICATION? ? OR WARNING? ? OR 

ANNOUNCEMENT? ? 

55 290629 S4(5N) (RECEIV??? OR RECEPTION??? OR OBTAIN??? OR ACQUIR??? 

OR ACQUISITION? ? OR ACCEPT? OR TRANSMIT? OR TRANSMISSION? ? 
OR COMMUNICAT? OR TRANSFER? OR BROADCAST? OR DISTRIBUT? OR CO 
NVEY? OR SEND??? OR STREAM??? OR DELIVER? OR RETRIEV?) 

56 733037 S4 (5N) (GENERAT??? OR CREAT???? OR PRODUC????? OR ISSUE? ? 

OR ISSUING) 

57 22080 (MESSAGE? ? OR PACKET? ? OR FRAME? ? OR S4) (7N) (RATE OR RA 

TES OR NUMBER? ? OR VOLUME OR AMOUNT? ? OR QUANTITY) (7N) (DECR 
EAS??? OR LOWER??? OR DROP???? OR REDUC???? OR SHRINK??? OR C 
UT???? OR LESSEN???? OR MINIMIZ? OR MINIMIS? OR TRIM????) 

58 14198 (MESSAGE? ? OR PACKET? ? OR FRAME? ? OR S4) (7N) (RATE OR RA 

TES OR NUMBER? ? OR VOLUME OR AMOUNT? ? OR QUANTITY) (7N) (CHAN 
G??? OR ALTER??? OR ALTERATION? ? OR ADJUST??? OR ADJUSTMENT? 
? OR MODIF???? OR MODIFICATION? ? OR VARY???) 

59 381 S2:S3(50N)S5:S6(50N)S7:S8 

510 6951921 NETWORK? ? OR LAN OR LANS OR WAN OR WANS OR INTRANET? ? OR 

EXTRANET? ? OR DISTRIBUTED ( ) (MEDIUM OR COMMUNICATION? ?) 

511 ■ 91 S2:S3(50N)S5:S6(50N)S7:S8(50N)S10 

512 43 RD (unique items) 

513 31 S12 NOT PD>20010927 
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SPONSORED LINKS (filters not applied) SI 

• Free IDS software trial 
Enterprise level IPS/IDS. Free eval Download now. 
download.stillsecure.com 

• IDS/IPS Appliance $5999 
No Training or Certification Needed Simple Install, minimal maintenance 
www.securitymetrics.com 

• Need A Better IDS? 
Behavior-based Network Intelligence Recognizes Known & Unknown Threats! 
www.Lancope.com 

• Intrusion Prevention IPS 
UnityOne protects your network from DDoS attacks. NSS Gold Award! 
www.tippingpoint.com 

• BlacklCE PC Protection 

Latest in internet security technology. Stop intruders. 
www.BlackICE.iss.net 

WEB RESULTS by GOC^tef (Showing Results 1 - 10 of 2,010) 

1. Intrusion Detection 

... If the data is detected to be unwanted activity; the intrusion detection device needs to ale 
and respond to the attack by providing defense to ... 

www.uac.com/Products/Intrusipn_Detection/intrusion_detection.html - 10 KB 

2. A Distributed Autonomous Agent Network Intrusion Detection and ... 

... Conclusions. Intrusion detection and management is a relatively new idea. ... Alert-level n 

messages permit cooperative responses. ... 
www.cs.nps.navy.mil/people/faculty/rowe/barruspap.html - 30 KB 

3. TABLE OF CONTENTS 

... The goal of any intrusion-detection system is to alert an authority of unauthorized access 
intruders can cause any damage or take any information ... 
www.cs.nps.navy.mil/people/faculty/rowe/ingramthesis.htm - 101 KB 

4. SecurityFocus HOME Infocus: Intrusion Detection: Filling in the ... 

... doing these or similar steps every time you get an alert, it makes ... performing more in dep 
so why not make your intrusion detection system start ... 
www.securityfocus.com/infocus/1227 - October 25, 2004 - 47 KB 



5. SecurityFocus HOME Infocus: Intrusion Detection Systems 
... Anomaly The majority of IDS will alert when certain events match the . 
Heuristics for Network Intrusion Detection Systems Developed ... 
www.securityfocus.com/infocus/1213 - October 25, 2004 - 44 KB 



Reference Archive c 



6. Bypassing Intrusion Detection Systems 

... Intrusion detection is part of security ... a protocol for effective pattern searching and anor 



detection. May passively log, alert with SMTP/SNMP or have real ... 
www.blackhat.com/presentations/bh-usa-00/Rori-Gula/ron_gula.ppt - 0 B 

7. Martin Roesch 

... to analyze the full gestalt of network intrusion activity. ... Improved detection & pattern itu 
capabilities. ... Write Snort alert/log data to spool files, have a ... 

www.blackhat.com/presentations/bh-usa-01/MartyRoesch/bh-usa-01-Marty-Roesch -OB 

8. Manpage of SNORT 

... Snort - lightweight network intrusion detection system SYNOPSIS, snort [-abCdDeNopqsv\ 
alert-mode ] [-c rules-file ] [-F bpf-file ] [-h home-net ] [- ... 
www.dpo.uab.edu/~andrewb/snort/manpage.html - 21 KB 

9. Snort - Lightweight Intrusion Detection for Networks 

... are "deception systems" that perform intrusion detection by inclusion. ... Snort has no fornr 
detection mechanism. ... Alert tcp any any -> 10.1.1.0/24 100 ... 

www.pisa.org.hk/download/seminar20010908-ids/snort.ppt - 0 B 

10. ["Last updated on: Sat Mar 25 3:23:02 19951 - 

... Security Monitor (NSM) Distributed Intrusion Detection System (DIDS) Network Intrusion 
Coutermeasure Engineering (NICE) Intrusion Detection Alert (IDA) State ... 
www.cultural.com/web/security/mailing.lists/ids.welcome.html - 10 KB 
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WEB RESULTS by GOOgie* (Showing Results 11 - 20 of 2,010) 

11- Introduction to Network-Based Intrusion Detection Systems 
Using ... 

... alert tcp $ EXTE RN AL_N ET any -> $ HTTP_S E RVE RS 80 (msg:"WEB- 
CGI w3-msql Solaris ... for people dealing on a daily basis with packet 
filtering or intrusion detection. ... 

www. dsinet.org/textfiles/ids/networkJds„with„snort. html - 47 KB 

12. Intrusion Detection for Check Point FireWall-1 

... how you can use the IDS script alert. sh to track when you are being 

probed, and by whom. If you would like to see actual intrusion detection 

results, click here ... 



www.dsinet,org/textfiles/unix/Intrusion__Detection_.for_CheckPoint„FireWall-l - 28 KB 

13. IETF March 2000 Proceedings 

... INTRUSION DETECTION EXCHANGE FORMAT (IDEF) Working Group Meeting Minutes, 47th 
Min - XML/SNMP Discussion 30 Min - Intrusion Alert Protocol Discussion 5 ... 
wwwJetf.org/proceedings/00mar/47th-ietf-00mar-113.html - 22 KB 

14. IETF March 2001 Proceedings 

... the Incident Object Description and Exchange Format (IODEF) and Intrusion Detection Me: 
Exchange ... the IDWG focus on completing the transport and alert format ... 
www.ietf.org/proceedings/01mar/ietf50-112.htm - 20 KB 

15. What is IDS 

... Definition and Needs. IDS = Intrusion Detection System. ... Anomaly detection. General I 
Sensor. ... eg Axent Intruder Alert, ISS RealSecure OS Sensor, Tripwire. ... 
www.pisa.org.hk/download/seminar20010908-ids/ids.ppt - 0 B 

16. Intrusion Detection - The New Security Buzzword 

... Any alert that was triggered incorrectly ... information from ail available sources about targel 
activity for the purpose of intrusion detection and response ... 
www.azsage.org/present/101000/IDS-AZSAGE.ppt- 0 B 

17. Intrusion Detection / Internet Security lectures by Mateti 

... security officers and provide them with both a justification for the alert and the ... There are 
approaches to rule-based intrusion detection: State-based ... 
www.cs.wright.edu/~pmateti/Courses/499/IntrusionDetection/ - 23 KB 

18. Structural Versus Operational Intrusion Detection 

... discovery of these 'objects' with more than just a simple alert in an ... is used, is foiled by th 
operational intrusion detection - the attacker ... 
www.networkcommand.com/IDS/ids.html - 13 KB 

19. Cisco - Cisco Secure Intrusion Detection System 

... trouble-ticketing system, pager or e-mail to alert security personnel ... Network sensing invo 
time intrusion detection monitoring of network packets ... 
www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/tech/ntran_tc.htm - 30 KB 
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Buy / Finance a comple 
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www.dell.com 



NetPatrol IDS & IPS 
Sophisticated IDS softv 
firewall, capture & anal 
www.netpatrol.com 



20. A Description of the Automated Intrusion Detection Environment 
... Regional. Regional. Sensor. Network Level Monitoring. (Intrusion Detection). Host Level M< 
Situational Awareness and Decision Spt System. ALERT! ... 
www.securedecisions.com/documents/AIDE0907.ppt- 0 B 
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• Intelligent IDS/IPS $5999 

Internal VA Coorelation Reduces False Positives 
www.securitymetrics.com 

• Infrastructure Security 

Windows XP protects against attacks Deploy and evaluate SP2 today. 
www.microsoft.com 



si 



Intrusion detection trial 
Block malicious attacks with IPS. 
download.stillsecure.com 



Free 15-day trial download. 



Need A Better IDS? 

Behavior-based Network Intelligence Recognizes Known & Unknown Threats! 
www.Lancope.com 

BlacklCE PC Protection 

Latest in internet security technology. Stop intruders. 

www J n te rn etsec u r i ty sy ste ms.net 



Intrusion Det< 

Detect, Deter and 
& External Threats 
www.demarc.ee 
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directly from Dell 
www.dell.com 
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Protect your Wind< 
Download free eva 
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WEB RESULTS by GOOgfe* (Showing Results 1 - 10 of 1,600) 



1. A Distributed Autonomous Agent Network Intrusion Detection and ... 

A Distributed Autonomous-Agent Network-Intrusion Detection and Response System. Josepl 
neural network to measure and determine alert threshold values ... 
www.cs.nps.navy.mil/people/faculty/rowe/barruspap.html - 30 KB 

2. TABLE OF CONTENTS 

... be a response to an attack or intrusion to prevent ... It could detect user login attempts and 
another ... patterns, known attacks, or other system log entries. ... 
www.cs.nps.navy.mil/people/faculty/rowe/ingramthesis.htm - 101 KB 

3. Insertion, Evasion, and Denial of Service: Eluding Network ... 

... PAWS, but it also needs to know what the end-system's threshold value for ... The most diff 
a network intrusion detection system to accomplish is the ... 
www.insecure.org/stf/secnetjds/secnet_ids.html - 101 KB 

4. Structural Versus Operational Intrusion Detection 

... This intrusion took place within the threshold of hours of ... password is used, is foiled by t 
of operational intrusion detection - the attacker in ... 
www.networkcommand.com/IDS/ids.html - 13 KB 

5. Network Intrusion Detection Systems 

... also a question of whether the system will recognize ... normal events that combine to make 
intrusion. This can cause anomaly detection systems to be quite ... 
www.cs.utk.edu/~abdulrah/netsecurity/paper.html - 37 KB 



6. Intrusion Detection Systems and A View To Its Forensic ... 

... Active Defens e of a Computer System Using AutonomousAgents" . ... An Application of Patt« 



in Intrusion Detection", Technical ReportCSD-TR ... ALARM THRESHOLD. ... 

www.csee.umbc.edu/cadip/docs/Networklntrusion/idsforensics.ps - 0 B 

7. Intrusion detection has traditionally been done at the operating ... 

... will be considered anomalous and results within the threshold will be ... is evaluated can als< 
effectiveness of the intrusion detection system. ... 

www.cs.virginia.edu/~jones/IDS-research/Documents/Application-IDSJones-Sie - 0 B 

8. Daemon News 199905 : Intrusion Detection Systems 

... first one divides the techniques of intrusion detection into two ... The anomaly detection n 
a set of ... it signals an alarm to the system security officer ... 
www.daemonnews.org/199905/ids.html - 21 KB 

9. Intrusion Detection; ID or Ego? 

... multiple point attacks, threshold attacks, denial ... be supported through other system repo 

host and network forensics need Intrusion Detection Systems 

www.corecom.com/pres/idorego.ppt - OB 

10. Intrusion Detection / Internet Security lectures by Mateti 

... of allowed open connections define the threshold for this ... main use of neural networks for 
detection is to ... behavior of actors in the system (eg, users ... 
www.es. wright. edu/^pmateti/Courses/499/IntrusionDetection/ - 23 KB 
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11- Intrusion Detection and Vulnerability Analysis for GCA Services 



si 



... Rule-based Analysis (misuse detection) 
feature and intrusion result in Occurrence 
system calls in a ... 

www.iis.sinica.edu.tw/live/downloadfile/skhuang01.ppt - 0 8 



Feature and Parameter of 
T_S :the total time spent of all 



12. Intrusion detection has traditionally been done at the 
operating ... 

... to as fine-tuning the intrusion detection system and determines ... but 
potentially at the cost of diminished detection. ... largely a function of the 
system semantics ... 
www.cs.virginia.edu/~jones/IDS-research/Documents/MCS-9905-Sielken.doc - 0 B 
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13. Network Intrusion Detection by Rik Farrow and Richard Power Some ... 

... False Alarm Intrusion detection systems must use an exhaustive set of attack signatures .. 
systems simply used misuse detection and thresholds. ... 
www.spirit.com/Network/net0797.txt - 15 KB 

14. Data Mining Approaches for Intrusion Detection 

... We use the following post-processing scheme to detect whether a given trace is an intrusior 
the ... made by the RIPPER rules on system call sequences. ... 
www.cs.columbia.edu/~sal/hpapers/USENIX/usenix.htmI - 77 KB 

15. The Design of GrIDS A Graph Based Intrusion Detection System 

... of the attack would not be apparent GrIDS Graph Based Intrusion Detection System We n 
and branches in the graph Counts over a threshold provoke GrIDS ... 
www.ussrback.com/docs/papers/IDS/grids.pdf.html - 0 B 



16. An Intrusion-Detection Model 

... Threshold: 4. Subject-Pattern: 'Smith'. Object-Pattern: *. Value: record of 
detection system receives an audit record that matches, a ... 
www.cs.georgetown.edu/~denning/infosec/ids-model.rtf- 0 B 
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17. f Phrack Magazine — Vol. 9 I Issue 55 — 09.09.99 — 09 of 19 ... 

... Co-operation seeks to subvert the THRESHOLD component of a N-IDS attack recognition ... 
"Defeating Sniffers and Intrusion Detection Systems", horizon, Phrack ... 
www.phrack.org/phrack/55/P55-09 - 11 KB 

18. Intrusion Detection - The New Security Buzzword 

... Do I require deploying redundant detection systems? Do I want a fail closed approach? ... W 
threshold for the intrusion detection product and ... 
www.azsage.org/present/101000/IDS-AZSAGE.ppt- 0 B 

19. The Base-Rate Fallacy and the Difficulty of Intrusion Detection 

... An important require- ment is that an intrusion detection system be effective; that is, it s 
a substantial percentage of intrusions into the ... 
dx.doi.org/10. 1145/357830.357849 



20. Insertion, Evasion, and 

... but it also needs to know what the end-system's threshold value for ... Reassembly The mos 
task for a network intrusion detection system to accomplish ... 
downloads.securityfocus.com/library/ids.ps -OB 
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21. Detection, Defense, and Tracking of Internet-Wide Illegal 
Access ... 

... In this paper, a threshold to correlate ... the effectiveness and potential 
distributed systems. ... "Intrusion Detection Exchange Format " work in 
progress, http ... 

www.isoc.org/inet2000/cdproceedings/lf/lf_2.htm - 36 KB 
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22. A Method of Tracing Intruders by Use of Mobile Agents 
... Therefore, this type of intrusion detection system on a large ... an 

interface between administrators and the system. ... weights exceed a set threshold, the man 

www.isoc.org/inet99/proceedings/4k/4k_2.htm - 32 KB 



23. LASG - Attack detection 

... scanlogd monitors network packets and if a threshold is exceeded it logs 
Detection Systems, an excellent FAQ that covers all the major ... 
kl2linux.mesd.kl2.or.us/lasg/attack-detection/ - 26 KB 
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24. Using Program Behavior Profiles for Intrusion Detection 

... Ultimately, the session threshold, ST , must be exceeded ... will impact the performance of t 
... Results The table lookup intrusion detection algorithm was ... 
www.cigital.com/papers/download/sans_id99.ps - 0 B 

25. SecurityTracker.com Archives - Internet Security Systems (ISS) ... 

... a stress test against many popular intrusion detection systems (IDS ... The IDS system wi 
keep up with ... events cross the IDS detection threshold, a DoS ... 

www.securitytracker.com/id71001098 - 16 KB 

26. Mining Audit Data to Build Intrusion Detection Models 

... in building classification models to detect intrusions to ... data format specifically for intrusio 
analysispurposes. ... targets on the computer system and normally ... 
www.cc.gatech.edu/~wenke/papers/kdd98.ps - 0 B 

27. Toward Cost-Sensitive Modeling for Intrusion Detection and 

... of all models for a given class as the threshold for firing ... Intrusion Detection: An Analys 
... Bro: A system for detecting network intruders in real-time ... 
www.cc.gatech.edu/~wenke/papers/jcs_lee.ps - 0 B 

28. NETSYS.COM - The Intelligent Hacker's Choice! Firewalls Archives 

... related systems might be used as part of intrusion detection. ... write—but the goal of a de 
system wouldn't ... and scream like hell if a threshold was passed ... 
www.netsys.com/firewalls/firewalls-9408/0017.html - 9 KB 

29. The Human Immune System and Network Intrusion Detection 

... as their affinity is above the threshold. ... Since the human immune system is distributed ... 
design goals fornetwork-based intrusion detection systems. ... 
www.dcs.kcl.ac.uk/staff/jungwon/pub/EUFIThimmune.ps -OB 



30. Research in Intrusion-Detection Systems 

... to provide a form of threshold highlighting capacity ... overview of the ComputerWatch syst 



organisation, and ... Dynamic Set of Intrusion-Detection Rules DB Schemas. ... 
www.ce.chalmers.se/staff/sax/survey.ps - 0 B 
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31. Speech Outline — I. Introduction to me, and outline ... 

... when the fingerprint deviates from the baseline by a certain threshold. ... is 
used, is foiled by this system of operational intrusion detection - the 
attacker ... 

www. networkcommand.com/IDS/cuervo-speech, txt - 24 KB 

32. What is IDS 

... Definition and Needs. IDS = Intrusion Detection System. Not firewall. ... 
Signature detection. Anomaly detection. General IDS Model. ... False 
NEGATIVES. Threshold values ... 

www.pisa.org.hk/download/seminar20010908-ids/ids.ppt- 0 B 
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33. Surve y Of Misuse Detection Systems 

... If the threshold is set too low for good detection ability, high false positive rate results. 
Detection Expert System. ... 

seclab.cs.ucdavis.edu/~chungy/doc/MDS.htm - 33 KB 



34. Presentation: Future Directions for Intrusion Detection 

... from multiple hosts within cluster; individual actions below threshold. 
Define limits of legitimate use of system; Phases: detection ... 

www.ai.sri.com/~derbi/presentations/idwk9507/idwk9507. html - 10 KB 

35. Future Directions for Intrusion Detection 

... from multiple hosts within cluster; individual actions below threshold; 
Define limits of legitimate use of system; Phases: detection ... 

www.ai.sri.com/~derbi/presentations/idwk9507/idwk9507.ppt - 0 B 
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36. Framerelay 

... Beep the interface The alarm system can alert ... will include a "risk factor threshold" which 
results of years of experience with intrusion detection. ... 

www.gus.net/Intrusion_Dectection.htm - 27 KB 

37. GrIDSIA GRAPH BASED INTRUSION DETECTION SYSTEM 

... occurs when the counts exceed a user sped ed threshold thus caus ... part of GrIDS include 
ers and point IDSs (intrusion detection systems that work ... 
csrc.nist.gov/nissc/1996/papers/NISSC96/paper065/GRIDS.PDF - 0 B 

38. An Artificial Immune Model for Network Intrusion Detection 

... when a previously known intrusion is simulated ... a conceptually similar manner to natural 
systems. ... perform network traffic anomaly detection, the detectors ... 
www.dcs.kcl.ac.uk/staff/jungwon/pub/EUFITaimmune.ps - 0 B 

39. [15] TF Lunt, Using statistics to track intruders. In Proceedings ... 

... the threshold, or until the score passes the next-higher threshold, or. until ... The third part 
describes an intrusion detection system being built at ... 
www.alw.nih.gov/Security/FIRST/papers/unix/nides/canada93.ps - 0 B 



40. Navy: Hackers' coordinated efforts are difficult to detect ] GCN ... 

... under the radar of current network intrusion detection systems. ... activity thresholds of in 



detection software. ... targeted under the threshold " said Tim ... 
www.gcn.com/archives/gcn/1998/Octoberl9/32a.htm - 13 KB 
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1. An Intrusion-Detection Model 

... day and total amount of CPU time consumed by ... that a resource measure in our intrusion 
model is implemented as an event counter or interval timer on ... 
www.cs.georgetown.edu/~denning/infosec/ids-model.rtf -OB 

2. Data Mining Approaches for Intrusion Detection 

... the misclassification rates on the intrusion data increase dramatically as the time interval 
be used directly to build a detection model, a ... 
www.cs.columbia.edu/~sal/hpapers/USENIX/usenix.html - 77 KB 

3. Data Mining Approaches for Intrusion Detection 

... the misclassification rates on the intrusion dataincrease dramatically as the time interval c 
... to build a detection model, aconsiderable ... 
www.cs.columbia.edu/~wenke/papers/usenix.ps - 0 B 

4. VALCHIP VIDEO-PERFECT 

... a camera to an out of monitor, time interval between sequences ... being able to be activate 
the same time. ... in the exact moment of the detection of the ... 
www.valchip.com/valchip/valchipe/vperfect.htm - 8 KB 

5. Intrusion Detection System for Fun and Profit 

... properly architected security saves everyone time, including the security analyst. What is an 
Detection System. ... Real time vs interval based. ... 

www.shmoo.com/wp/ids/IDS.ppt -OB 

6. Mining Audit Data to Build Intrusion Detection Models 

... case that very little (sometimes no) intrusion data is ... the audit data and as the time inte 
calculate ... final rule setbe directly used to detect anomalies ... 
www.csee.umbc.edu/cadip/docs/NetworkIntrusion/kdd98.ps -OB 

7- A ppeared in: Proceedings of the 1st USENIX Workshop on Intrusion ... 

... device that uses traffic information to detect intrusions. ... to perform covert network traffic 

suppression, and ... Server X during the time interval [0; t ... 

faculty.cs.tamu.edu/zhao/zhao_pub/1999/9904Jdnmw.ps - 0 B 

8. IT Baseline Protection Manual S 5.71 Intrusion detection and ... 

... this type of intrusion detection also become immediately apparent, however: in what order 
have to be addressed and at what time intervals, if an ... 
www.isrc.qut.edu.au/itbpm/s/s5071.htm - 8 KB 

9. untitled 

... or anomaly has been detected (confidence of detection?). ... If source of intrusion is reliably 
dynamically to block this (for some time interval). ... 

www.tolerantsystems.org/ITS_Ref/ALValdes.ppt - 0 B 



10. KDD-CUP-99 Task Description 

... The 1999 KDD intrusion detection contest uses a version of ... Some intrusion experts belie 
novel attacks ... using a much larger time interval than two ... 
kdd.ics.uci.edu/databases/kddcup99/task.html - 11 KB 
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11. KDD-CUP-99 Task Description 

... The 1999 KDD intrusion detection contest uses a version of ... Some 
intrusion experts believe that most novel attacks ... using a much larger time 
interval than two ... 

kdd.ics.uci.edu/databases/kddcup99/task.html - 11 KB 

12. First Version 

... of different types of activity, plotted over time with a ... a list of events resolved during the r 
interval. ... of the intrusion and misuse detection process. ... 
www.chg.ru/SC95PROC/714_GGC/SC95.HTM - 44 KB 

13. Survey Of Misuse Detection Systems 

... Intrusion Detection Expert System (IDES, later NIDES) was ... records occurring in different 
intervals to reflect ... the recent past to detect the distribution ... 
seclab.cs.ucdavis.edu/~chungy/doc/MDS.htm - 33 KB 

14. TABLE OF CONTENTS 

... no alerts are received within two transmit intervals (10 minutes ... Figure 3 shows the decrea 
time. ... on another computer, it too would be detected and sent ... 
www.cs.nps.navy.mil/people/faculty/rowe/ingramthesis.htm - 101 KB 

15. Shifting the Focus of Survivability: Back to the Basics 

... Some kernel based intrusion detection systems are based on wrappers [6], or on ... where l< 
number of functionalities active during the time interval. Each P. ... 
www.cs.uidaho.edu/~krings/ISW-2001.ps - 0 B 

16. A PATTERN MATCHING MODEL FOR MISUSE 

... to devise metrics indicative of intrusive activity, and detect statistically large ... high number 
connections within an interval of time, unusually. ... 
www.cerias.purdue.edu/homes/spaf/tech-reps/ncsc.ps - 0 B 

17. NETSYS.COM SuSE Linux Security Mailing List Archives fenglish^ 

... better and better in (relatively) short time intervals. ... and a Honeypot for detecting and stu 
Proctor; The practical Intrusion Detection Handbook; Prentice ... 
www.netsys.com/suse-iinux-security/2001/01/msg00117.html - 13 KB 

18. Automated System Monitoring andNotification With Swatch 

... systems in sequencecould indicate an intruder trying to ... only be used when a time interva 
... We are occasionally able to detect compromised accounts ... 
www. dsinet.org/tools/various/hansen-atkins-swatch. ps.Z - 0 B 

19- A Specification Based Approach for Building Survivable System 

... So we can detect unknown intrusions. ... They may be used by the detection engine for such 
interval between the data collecting system call and the ... 
seclab.cs.sunysb.edu/sekar/papers/ycaith.doc - 0 B 

20 - Intrusion detection has traditionally been done at the operating ... 

... processor resource used during a time interval, is maintained ... account over some period < 
the ... categories, the relations that could detect the hazards ... 



si 



Intrusion Pete 
Protect your Wind< 
Download free eva 
now. 

www.port80.coi 
Place 



www .cs. Virginia. edu/~jones/IDS-research/Documents/MCS-9905-Sielken. doc - 0 B 



« Previous | Next » 



Search for "time interval detect intrusion" using: HotBot , Ask Jeeves 



Advertise | Hejp. | JeM:pn[y„Skin | Submit..Site | HotBot Jnternatioaal | VeJ(pw,,Pages 

© Copyright 2004, Lycos, Inc. All Rights Reserved. | Privacy Policy | Terms & Conditions | HotBot Your Site 



[time interval detect intrusion 



Search using: IglMcjijii ||^^^!^S| PiiI§l^Bi| 



Homepage | Advanced Search 



CUSTOM WEB FILTERS 



Tools | HotBot Skins 



Date: Before September 1 2001 [ Edit this Search ] 



WEB RESULTS by GOOglC (Showing Results 21 - 30 of 3,920) 

21. 1 ALGORITHMS FOR MINING 

... the case that very little (sometimes no) intrusion data is ... mining the audit 
data and as the time interval to calculate ... set be directly used to detect 
anomalies ... 

www.cc.gatech.edu/~wenke/papers/alg_chapter.ps - 0 B 

22. Eight Steps to A Working Intrusion Detection System 
... probably will not be detected with a one hour interval. ... that one hour is a 
long time to run ... a filter file called "bad_events" which will detect those 
events ... 

www.grox.net/doc/security/stepbystep.htm - 61 KB 

23. SuSE Security mailinglist: Re: [suse-security] Intrusion detect 

... Mon, 8 Jan 2001 05:13:52 -0700 Subject: Re: [suse-security] Intrusion detection? 
better and better > in (relatively) short time intervals. ... 
lists.suse.com/archive/suse-security/2001-Jan/0119.html - 6 KB 
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24. SuSE Security mailinglist: Re: [suse-security] Intrusion detect 

... suse.de> Subject: Re: [suse-security] Intrusion detection? ... insider, outsider) do I want 
... better and better in (relatively) short time intervals. ... 
lists.suse.com/archive/suse-security/2001-Jan/0117.html - 7 KB 

25. ISN 1998/12: FISN] REVIEW: "Intrusion Detection: Network S 

... Intrusion detection products are classified with system monitors because they usually depei 
difference between scanners and IDSs is the time interval. ... 

lists.jammed.com/ISN/1998/12/0048.html - 12 KB 

26. Live Traffic Analysis of TCP/IP Gateways 

... are constructed at the end of each interval (eg, once per ... include inter-event time (differe 
stamps between ... by a gateway monitor can detect a sudden ... 
www.sdl.sri.com/projects/emerald/live-traffic.html - 70 KB 

27. Intrusion Detection 

... users over time and comparing observed behavior to statistics to detect notable differences 
occurrences of a specific event type of an interval of time. ... 

mathcs, hood. edu/~rlight/555Lecl3. html - 43 KB 

28. Real-time Systems Design 

... Stimuli which .occur at predictable time intervals. ... Important class of real-time systems. ... 
monitor sensors on doors and windows to detect the presence ... 
nas.cl.uh.edu/whites/sp044432/slides/statemachine.PPT- 0 B 



29. Intrusion Detection 1 02/09/00 

... For example, many intrusion detection systems use theaudit records that are (already 
cumulative processor usage during a time interval, is maintained. ... 
www.cs.virginia.edu/~jones/cs551S/papers/intrude-detect-vll.ps - 0 B 
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30. SECOND IEEE-SMC INFORMATION ASSURANCE WORKSHOP, WEST POINT, NE\ 
... Anomaly detection then might pro- vide a report for the ... of the same form as for the short€ 



At the same time, recognition of the hijacking proceeds ... 
medg.lcs.mit.edu/ftp/doyle/events01.ps - 0 B 
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